GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
4ea5b239bd8bf1b734dda02997b36459Asterisk Project Security Advisory - The overlap dialing feature in chan_sip allows chan_sip to report to a device that the number that has been dialed is incomplete and more digits are required. If this functionality is used with a device that has performed username/password authentication RTP resources are leaked. This occurs because the code fails to release the old RTP resources before allocating new ones in this scenario. If all resources are used then RTP port exhaustion will occur and no RTP sessions are able to be set up.
a71c6e2e1707e12bb56ed82ed1a9cc50Asterisk Project Security Advisory - Asterisk can be crashed remotely by sending an ACK to it from an endpoint username that Asterisk does not recognize. Most SIP request types result in an "artificial" endpoint being looked up, but ACKs bypass this lookup. The resulting NULL pointer results in a crash when attempting to determine if ACLs should be applied. This issue was introduced in the Asterisk 13.10 release and only affects that release.
26c0c8d748f1c9752e605ab3456a75b8WordPress version 4.5.3 suffers from a cross site scripting vulnerability when an uploaded image filename has a malicious payload inserted.
0161ac0b585bf93aafacc9cd06d0582aTinycrypt.asm is a training ransomware virus that is fully configurable to your needs but it is designed to be very controllable. It was designed to be used with the PoShFoTo incident response toolkit.
a5016fbb0f4cdb133455314676ba8c4aPHPHolidays CMS version 3.00.50 suffers from a cross site scripting vulnerability.
fa304f70e56c35884d5302d51db580d1Samsung SystemUI fimg2d driver suffers from a null pointer dereference vulnerability.
3f3daa4a2b0c85cfd59b6f59a89f4152WordPress Cubed theme version 1.2 suffers from cross site request forgery and remote file upload vulnerabilities.
fa4196605f52b02f8cd82e5c9562d32eAirmail versions 3.0.2 and below suffer from a cross site scripting vulnerability.
3131cbaca933e301ddee453effcc9491Ubuntu Security Notice 3074-1 - It was discovered that File Roller incorrectly handled symlinks. If a user were tricked into extracting a specially-crafted archive, an attacker could delete files outside of the extraction directory.
2562b00ba409eff3296f311bfd37a898Picosmos Shows version 1.6.0 suffers from a stack overflow vulnerability.
b0a2ec0e6bae3b8069ee1d0d92e0b821WhatsApp suffers from a DLL hijacking vulnerability.
51c6ac3593525fee9a3bda477a7d0693HDWiKi version 4.0.4 suffers from a cross site scripting vulnerability.
903b177c58cca1ecd66a6801e2d7d0b5BugNET version 1.6.315.0 suffers from a cross site scripting vulnerability.
563ff9f4db63820ca4846a8cd21f9f9bWinSCP version 5.9.1 suffers from a DLL hijacking vulnerability.
32f0181a15173a9ae62890038e489121OoVoo version 3.7.1 suffers from a DLL hijacking vulnerability.
6bb99a96fdea3c3161038663e113dd91
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed